On Tue, Jan 25, 2005 at 08:01:00AM +0100, Goswin von Brederlow wrote: [...] > Both of them, if exploitable, would be bugs in the Xrm or Xpm library > respectively. > > The same argument can probably made against pretty much any X > application and X itself. There is a lot of software that just loads > in user defined xpm files and such.
The difference is the setgid bit, which AFAICT was the whole point of the bug report. If it is removed, most of the issues aren't problematic anymore. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
